Server: Nginx on Ubuntu 16.04 Xenial
Our sites "crashed" just now due to a certificate issue:
nginx: [emerg] SSL_CTX_use_PrivateKey_file("/etc/letsencrypt/keys/0000_key-certbot.pem") failed (SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch)
nginx: configuration file /etc/nginx/nginx.conf test failed
In the Virtual hosts, we have these lines:
ssl_certificate_key /etc/letsencrypt/keys/0003_key-certbot.pem;
ssl_certificate /etc/letsencrypt/live/[domain]/fullchain.pem;
On checking the /etc/letsencrypt/keys/ folder, I found these results
/etc/letsencrypt/keys # ls -la
total 40
drwx------ 2 root root 4096 Jul 5 15:33 .
drwxr-xr-x 11 root root 4096 Apr 18 10:58 ..
-rw------- 1 root root 1704 Apr 18 11:01 0000_key-certbot.pem
-rw------- 1 root root 1708 Jan 31 14:37 0000_key-letsencrypt.pem
-rw------- 1 root root 1704 Apr 18 11:18 0001_key-certbot.pem
-rw------- 1 root root 1704 Jan 31 14:37 0001_key-letsencrypt.pem
-rw------- 1 root root 1704 Apr 18 11:19 0002_key-certbot.pem
-rw------- 1 root root 1708 Feb 2 11:47 0002_key-letsencrypt.pem
-rw------- 1 root root 1708 Jun 17 12:01 0003_key-certbot.pem
-rw------- 1 root root 1704 Jul 5 15:33 0004_key-certbot.pem
The (3) virtual host files were all referencing 0000_key-certbot.pem, after changing that to 0003_key-certbot.pem the sites were working again.
How can we prevent the sites from crashing every 90 days?
While typing this I think I found the solution, I shouldn't have been using
ssl_certificate_key /etc/letsencrypt/keys/0003_key-certbot.pem;
ssl_certificate /etc/letsencrypt/live/[domain]/fullchain.pem;
But instead
ssl_certificate_key /etc/letsencrypt/live/[domain]/privkey.pem;
ssl_certificate /etc/letsencrypt/live/[domain]/fullchain.pem;
Hope this helps someone
Related
I installed ubuntu 16 under AWS and try to install laravel 5.8 app, but
opening server with
ssh -i /home/user/pemkeys.pem
command
I got Permission denied error while running composer
ubuntu#ip-172-31-34-88:/var/www/html/lprods$ clear
ubuntu#ip-172-31-34-88:/var/www/html/lprods$ sudo chmod -R 775 /var/www/html/lprods/
ubuntu#ip-172-31-34-88:/var/www/html/lprods$ composer install
Cannot create cache directory /home/ubuntu/.composer/cache/repo/https---packagist.org/, or directory is not writable. Proceeding without cache
Cannot create cache directory /home/ubuntu/.composer/cache/files/, or directory is not writable. Proceeding without cache
Loading composer repositories with package information
Installing dependencies (including require-dev) from lock file
Nothing to install or update
[ErrorException]
file_put_contents(/var/www/html/lprods/vendor/composer/installed.json): failed to open stream: Permission denied
install [--prefer-source] [--prefer-dist] [--dry-run] [--dev] [--no-dev] [--no-plugins] [--no-custom-installers] [--no-autoloader] [--no-scripts] [--no-progress] [-v|vv|vvv|--verbose] [-o|--optimize-autoloader] [-a|--classmap-authoritative] [--ignore-platform-reqs] [--] [<packages>]...
ubuntu#ip-172-31-34-88:/var/www/html/lprods$ whoami
ubuntu
ubuntu#ip-172-31-34-88:/var/www/html/lprods$ lsb_release -d; uname -r; uname -i
Description: Ubuntu 16.04.6 LTS
4.4.0-1084-aws
x86_64
As far as I remember that is not good idea to run
composer install
under root.
Which steps have I to to take to install my app properly ?
UPDATED :
1) My project dir :
$ cd /var/www/html/lprods
$ ls -ld
drwxrwxrwx 16 root root 4096 Jun 17 12:34 .
(what these output means ?)
$ ls -la
total 600
drwxrwxrwx 16 root root 4096 Jun 17 12:34 .
drwxr-xr-x 4 root root 4096 Jun 17 11:42 ..
-rwxrwxrwx 1 root root 625 Jun 17 12:03 .env
-rwxrwxrwx 1 root root 521 Jun 17 11:42 .env.example
drwxrwxrwx 8 root root 4096 Jun 17 11:42 .git
-rwxrwxrwx 1 root root 111 Jun 17 11:42 .gitattributes
-rwxrwxrwx 1 root root 135 Jun 17 11:42 .gitignore
-rwxrwxrwx 1 root root 122 Jun 17 11:42 .htaccess
drwxrwxrwx 3 root root 4096 Jun 17 11:42 Modules
-rwxrwxrwx 1 root root 1110 Jun 17 11:42 Release.key
drwxrwxrwx 2 root root 4096 Jun 17 11:42 __SQL
drwxrwxrwx 10 root root 4096 Jun 17 11:42 app
-rwxrwxrwx 1 root root 1646 Jun 17 11:42 artisan
drwxrwxrwx 3 root root 4096 Jun 17 11:42 bootstrap
-rwxrwxrwx 1 root root 430 Jun 17 11:42 code.html
-rwxrwxrwx 1 root root 186 Jun 17 11:42 code.php
-rwxrwxrwx 1 root root 5746 Jun 17 11:42 code.txt
-rwxrwxrwx 1 root root 8244 Jun 17 11:42 commands.txt
-rwxrwxrwx 1 root root 1953 Jun 17 11:42 composer.json
-rwxrwxrwx 1 root root 187263 Jun 17 11:42 composer.lock
drwxrwxrwx 2 root root 4096 Jun 17 11:42 config
drwxrwxrwx 5 root root 4096 Jun 17 11:42 database
-rwxrwxrwx 1 root root 2860 Jun 17 11:42 env.txt
-rwxrwxrwx 1 root root 4236 Jun 17 11:42 good.html
-rwxrwxrwx 1 root root 83 Jun 17 11:42 lprods.sublime-project
-rwxrwxrwx 1 root root 8460 Jun 17 11:42 lprods.sublime-workspace
-rwxrwxrwx 1 root root 388 Jun 17 11:42 md.txt
drwxrwxrwx 834 root root 36864 Jun 17 11:42 node_modules
-rwxrwxrwx 1 root root 1114 Jun 17 11:42 package.json
-rwxrwxrwx 1 root root 1055 Jun 17 11:42 phpunit.xml
drwxrwxrwx 11 root root 4096 Jun 17 11:42 public
-rwxrwxrwx 1 root root 1465 Jun 17 11:42 q.twig
drwxrwxrwx 5 root root 4096 Jun 17 11:42 resources
drwxrwxrwx 2 root root 4096 Jun 17 11:42 routes
-rwxrwxrwx 1 root root 563 Jun 17 11:42 server.php
drwxrwxrwx 6 root root 4096 Jun 17 11:42 storage
drwxrwxrwx 4 root root 4096 Jun 17 11:42 tests
drwxrwxrwx 46 root root 4096 Jun 17 11:58 vendor
-rwxrwxrwx 1 root root 1549 Jun 17 11:42 webpack.mix.js
-rwxrwxrwx 1 root root 204808 Jun 17 11:42 yarn.lock
2) I removed dirs :
rm -R vendor
rm -R /home/ubuntu/.composer
and after that running in my app
composer install
my project was successfully installed.
Could you please give some explanations, why so ?
Thanks!
you can use sudo composer update if permission denied arises. or you should add composer globally like composer global require laravel/installer and can easily access composer from any where also try changing the permission of the project like sudo chown -R user:user project
I currently have a server running Ubuntu 18.04 with Apache2. I am not able to access png's and svg files in sub directories. Example: /var/www/html/icons/new.svg when the page is located in /var/www/html/index.php. However, Apache will deliver images from within the page directory so all photos within /var/www/html will be delivered.
The error code for the images is just a plain 404. I am able to access pages within /var/www/html/sub/index.php. All images are using relative links if that matters.
I do have a non verified ssl on my server but even on plain http it doesn't deliver if that matters.
It's probably a dumb question but thanks for your time anyways.
All Code worked on a local wamp server before being put on a lamp server.
Example Code:
<img src="icons/new.svg"> <!--Wont work-->
<img src="logo.svg"> <!--Will Work-->
Inside /var/www/html
drwxr-xr-x 6 root root 4096 Jun 26 18:04 .
drwxr-xr-x 3 root root 4096 Jun 22 18:55 ..
drwxr-xr-x 4 root root 4096 Jun 26 17:50 icons
-rw-r--r-- 1 root root 4340 Jun 26 18:11 index.php
-rw-r--r-- 1 root root 4172 Jun 26 18:11 logo.svg
-rw-r--r-- 1 root root 1856 Jun 26 18:11 mainstyle.css
drwxr-xr-x 2 root root 4096 Jun 26 17:50 PHP
drwxr-xr-x 2 root root 4096 Jun 26 17:50 plandetails
drwxr-xr-x 2 root root 4096 Jun 26 17:50 planicons
-rw-r--r-- 1 root root 295915 Jun 26 18:11 searchbkg.jpg
-rw-r--r-- 1 root root 7366 Jun 26 18:11 searchbkg.svg
Inside the icons folder
drwxr-xr-x 4 root root 4096 Jun 26 17:50 .
drwxr-xr-x 6 root root 4096 Jun 26 18:04 ..
-rw-r--r-- 1 root root 446 Jun 26 18:37 arrowleft.svg
-rw-r--r-- 1 root root 446 Jun 26 18:37 arrowrt.svg
-rw-r--r-- 1 root root 7863 Jun 26 18:37 bestoffer.svg
-rw-r--r-- 1 root root 4024 Jun 26 18:37 free.svg
-rw-r--r-- 1 root root 477 Jun 26 18:37 informationbubble.svg
-rw-r--r-- 1 root root 3404 Jun 26 18:37 new.svg
drwxr-xr-x 2 root root 4096 Jun 26 17:50 plans
drwxr-xr-x 2 root root 4096 Jun 26 17:50 prices
-rw-r--r-- 1 root root 2272 Jun 26 18:37 save.svg
Updated /var/www/html perms
drwxr-xr-x 6 root root 4096 Jun 26 18:04 .
drwxr-xr-x 3 root root 4096 Jun 22 18:55 ..
drwxr-xr-x 4 root root 4096 Jun 26 17:50 icons
-rw-r--r-- 1 root root 4340 Jun 26 18:37 index.php
-rw-r--r-- 1 root root 4172 Jun 26 18:37 logo.svg
-rw-r--r-- 1 root root 1856 Jun 26 18:37 mainstyle.css
drwxr-xr-x 2 root root 4096 Jun 26 17:50 PHP
drwxr-xr-x 2 root root 4096 Jun 26 17:50 plandetails
drwxr-xr-x 2 root root 4096 Jun 26 17:50 planicons
-rw-r--r-- 1 root root 295915 Jun 26 18:37 searchbkg.jpg
-rw-r--r-- 1 root root 7366 Jun 26 18:37 searchbkg.svg
For anyone wondering I used the combination of the help below and this
This is not a php question, this is an apache question and is a matter of permissions, try:
chmod a+rx /var/www/html/sub/
and
chmod a+r /var/www/html/*
EDIT:
Your Virtual Host should be:
DocumentRoot /var/www/html
<Directory /var/www/html>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Require all granted
</Directory>
What is the location of all .vbox files that are created in virtual box in a mac. And how can we delete it?
I mistakenly deleted virtualbox.app file from Applications and now I want to delete all the remains of all virtual box files.
I tried following things:
drwxr-xr-x# 3 user admin 102 Dec 19 19:57 vagrant
-rw-r--r-- 1 root wheel 1824496 Feb 21 17:17 com.vagrant.vagrant.bom
-rw-r--r-- 1 root wheel 240 Feb 21 17:17 com.vagrant.vagrant.plist
drwx------ 5 root wheel 170 Feb 21 16:59 ubuntu-cloudimg-precise-vagrant-amd64_1487725164672_27815
./private/var/root/VirtualBox VMs/ubuntu-cloudimg-precise-vagrant-amd64_1487725164672_27815:
-rw------- 1 root wheel 3036 Feb 21 16:59 ubuntu-cloudimg-precise-vagrant-amd64_1487725164672_27815.vbox
-rw------- 1 root wheel 3036 Feb 21 16:59 ubuntu-cloudimg-precise-vagrant-amd64_1487725164672_27815.vbox-prev
lrwxr-xr-x 1 root wheel 24 Feb 21 17:17 vagrant -> /opt/vagrant/bin/vagrant
But I could not find the location of .vbox files to manually delete them.
By default the .vbox files normally go into your users' home directory:
pwd
/Users/Astro58/VirtualBox VMs
total 264
drwx------# 6 lance staff 204 Feb 22 19:03 ./
drwxr-xr-x+ 88 lance staff 2992 Feb 22 16:11 ../
drwx------ 6 lance staff 204 Feb 22 19:50 Laravel_default_1487808229046_76286/
drwx------ 7 lance staff 238 Feb 20 12:53 legacy_default_1487457532080_39585/
You should be able to delete the "VirtualBox VMs" directory via the rm command or via the Mac Finder.
We are using a centralized conda install. The Continuum docs say:
A .condarc file may also be located in the root environment, in which case it overrides any in the home directory.
Perhaps I'm not understanding what "root environment" means. I put a .condarc at the top level in the conda install directory. However anytime I run any conda operation (including just conda list), it overrides the one in the root environment and creates one in my home directory.
With the newest version of conda under debian I copy the config file as such
root#e42dc1ece1e3:/home/jonb4# ls -la /opt/conda/
total 24
drwxr-xr-x 11 root root 155 Sep 28 11:53 .
drwxr-xr-x 3 root root 19 Jun 4 08:23 ..
-rw-r--r-- 1 root root 1058 Sep 28 11:53 .condarc
-rw-rw-r-- 1 root root 3699 May 12 20:59 LICENSE.txt
drwxr-xr-x 2 root root 4096 Jun 4 08:24 bin
drwxr-xr-x 2 root root 4096 Jun 4 08:24 conda-meta
drwxr-xr-x 2 root root 6 Jun 4 08:24 envs
drwxr-xr-x 3 root root 18 Jun 4 08:24 etc
drwxr-xr-x 5 root root 314 Jun 4 08:24 include
drwxr-xr-x 8 root root 4096 Jun 4 08:24 lib
drwxr-xr-x 28 root root 4096 Jun 4 08:24 pkgs
drwxr-xr-x 4 root root 29 Jun 4 08:24 share
drwxr-xr-x 3 root root 71 Jun 4 08:24 ssl
Then as a user my correct config settings are read without a problem.
I retrieve a project in symfony 1.4 . The project is currently running on an Ubuntu server (LAMP). When I run the project on my Mac , the photos do not appear yet the path is good . I think it is a problem of access rule but i am not an expert.
I Thank You in advance to help me.
As attachment files of my mac and the server.
On my mac :
-rwxrwxrwx 1 vincentmoulene _www 204 17 fév 22:43 README.md
drwxrwxrwx 17 vincentmoulene _www 578 14 jan 22:51 apps
drwxrwxrwx 5 vincentmoulene _www 170 4 mar 22:26 cache
drwxrwxrwx 8 vincentmoulene _www 272 26 fév 11:17 config
-rw-r--r-- 1 vincentmoulene _www 4478 3 mar 17:08 connection_sequel.spf
drwxrwxrwx 5 vincentmoulene _www 170 4 mar 22:26 data
-rwxrwxrwx 1 vincentmoulene _www 3263056 6 fév 12:20 emoovio_2015-02-06.sql
-rwxrwxrwx 1 vincentmoulene _www 3325677 16 fév 18:08 emoovio_2015-02-16.sql
-rwxrwxrwx 1 vincentmoulene _www 11510 14 jan 20:44 index.html
drwxrwxrwx 8 vincentmoulene _www 272 6 fév 16:58 lib
drwxrwxrwx 57 vincentmoulene _www 1938 26 fév 16:02 log
-rw-r--r-- 1 vincentmoulene _www 1364 2 mar 12:19 main.cf
drwxrwxrwx 4 vincentmoulene _www 136 14 jan 21:15 nbproject
drwxrwxrwx 4 vincentmoulene _www 136 14 jan 22:49 plugins
drwxrwxrwx 6 vincentmoulene _www 204 6 fév 16:58 sfFormExtraPlugin
-rwxrwxrwx 1 vincentmoulene _www 446 14 jan 20:44 symfony
drwxrwxrwx 6 vincentmoulene _www 204 6 fév 16:58 test
drwxrwxrwx 17 vincentmoulene _www 578 2 mar 15:29 web
On the server :
drwxrwxrwx 12 777 root 4096 Feb 26 10:08 ./
drwxr-xr-x 3 root root 4096 Dec 17 13:17 ../
drwxrwxrwx 14 www-data www-data 4096 Feb 3 2014 apps/
drwxrwxrwx 4 777 www-data 4096 Feb 25 14:55 cache/
drwxrwxrwx 3 www-data www-data 4096 Dec 29 10:35 config/
drwxrwxrwx 4 www-data www-data 4096 Dec 29 10:35 data/
-rwxrwxrwx 1 root root 11510 Dec 17 13:17 index.html*
drwxrwxrwx 7 www-data www-data 4096 Feb 3 2014 lib/
drwxrwxrwx 3 www-data www-data 4096 Feb 25 15:19 log/
drwxrwxrwx 2 www-data www-data 4096 Feb 2 2014 nbproject/
drwxrwxrwx 3 www-data www-data 4096 Feb 3 2014 plugins/
-rwxrwxrwx 1 www-data www-data 446 Feb 20 2013 symfony*
drwxrwxrwx 5 www-data www-data 4096 Feb 3 2014 test/
drwxrwxrwx 8 www-data www-data 4096 Aug 28 2014 web/
First, I got a functional site to improve it. This site is currently in production and runs on a LAMP stack (Ubuntu 14.04 , ....) .
To work on it , I recover the project . I work on Mac ( MAMP ) .
Indeed, the concern I have is that some pages are not available ... Therefore, I tried to change the rights but to no avail .
Then I tried to run two possibilities:
1) using Apache / Mysql run as www (Apache) and mysql ( mysql) : You do not -have permission to access this server /.../on (error 403).
2) using Apache / Mysql run as user (Apache) and user ( mysql) : The requested URL was not found /.../ on this server (error 404).
And in my apache_error.log : Directory index forbidden by Options directive: